Gave in the "Users or User Groups" query field. So gave it a try and used the exact format Dieter I tested Dieter's query in AD, adding the query elements SCSM automatically adds to the query in order to confirm first that it pulled just the non-disabled users and groups, and it worked fine there. Any advice or guidance would be most appreciated. Since my query works correctly in AD, I'm not certain why it isn't working in SCSM. My question is this - do LDAP queries made using the AD Connector not support the bitwise query used above to exclude disabled accounts? Or is there another piece of query tied to the AD connector's field itself which may be interfering with mine? I have confirmed that my other AD Connectors (One for computers and printers, one for AD groups, both limited via LDAP queries of their own) are working correctly and are not pulling in the disabled user accounts.
Ldap query user manager full#
However, when I configure an AD Connector in SCSM and enter the above query into the LDAP field (confirming that the checkbox is checked and that the connector is configured to just pull the results of the LDAP queries) and let the Connector sync, I stillĮnd up with the full 13,000 accounts being pulled into SCSM. When I run the above query in ADUC, it correctly pulls all non-disabled User accounts, giving me just over 8,000 results. If I run a query in ADUC for User accounts regardless of disabled status, it finds some 13,000 results.
Here is my primary query for pulling non-disabled AD user accounts: (&(objectcategory=person)(objectclass=user)(!useraccountcontrol:1.2.840.113556.1.4.803:=2)) I am attempting to use an LDAP query with the AD connector to only import non-disabled user accounts from Active Directory.
0 kommentar(er)
